S2 Research TeamDec 21, 20229 min readInside the IcedID BackConnect ProtocolDeriving Threat Actor TTPs from Management Infrastructure Tracking You can find our previous work on Stage 1 and Stage 2 of IcedID’s...
